package com.qd.common.sys.domain.login;

import com.fasterxml.jackson.annotation.JsonIgnore;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.qd.common.sys.domain.entity.login.LoginUserDTO;
import lombok.Data;
import lombok.experimental.Accessors;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;

import java.util.Collection;
import java.util.Collections;
import java.util.Set;

/**
 * 登录用户身份权限
 *
 * @author sjk
 */
@Data
@Accessors(chain = true)
@JsonIgnoreProperties(value = "userOperator", allowGetters = true)
public class LoginUser implements UserDetails {
    private static final long serialVersionUID = 1L;
    /**
     * 用户唯一标识
     */
    private String token;
    /**
     * 用户唯一ID
     */
    private String userId;
    /**
     * 当前登录用户所属组织
     */
    private String currentOrgId;
    /**
     * 登陆时间
     */
    private Long loginTime;
    /**
     * 过期时间
     */
    private Long expireTime;
    /**
     * 登录IP地址
     */
    private String ipaddr;
    /**
     * 登录地点
     */
    private String loginLocation;
    /**
     * 浏览器类型
     */
    private String browser;
    /**
     * 操作系统
     */
    private String os;
    /**
     * 权限列表，功能列表
     */
    private Set<String> permissions;
    /**
     * 类型，支持多种类型同时登陆
     */
    private String remote;
    /**
     * 登录用户信息
     */
    private transient LoginUserDTO user;
    /**
     * sql参数，登录默认注入
     */
    private transient UserOperator userOperator;

    public LoginUser() {
    }

    public LoginUser(LoginUserDTO user, Set<String> permissions) {
        this.userId = user.getPersonId();
        this.permissions = permissions;
        this.currentOrgId = user.getOrgId();
        this.user = user;
    }

    @JsonIgnore
    @Override
    public String getPassword() {
        return user.getPassword();
    }

    @Override
    public String getUsername() {
        return user.getAccount();
    }

    /**
     * 账户是否未过期,过期无法验证
     */
    @JsonIgnore
    @Override
    public boolean isAccountNonExpired() {
        return true;
    }

    /**
     * 指定用户是否解锁,锁定的用户无法进行身份验证
     */
    @JsonIgnore
    @Override
    public boolean isAccountNonLocked() {
        return true;
    }

    /**
     * 指示是否已过期的用户的凭据(密码),过期的凭据防止认证
     */
    @JsonIgnore
    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }

    /**
     * 是否可用 ,停用的用户不能身份验证
     */
    @JsonIgnore
    @Override
    public boolean isEnabled() {
        return true;
    }

    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        return Collections.emptyList();
    }

    public void freeData() {
        this.token = null;
        this.userId = null;
        this.currentOrgId = null;
        this.loginTime = null;
        this.expireTime = null;
        this.ipaddr = null;
        this.loginLocation = null;
        this.browser = null;
        this.os = null;
        this.permissions.clear();
        this.remote = null;
        this.user.freeData();
        if (this.userOperator != null) {
            this.userOperator.freeData();
        }
    }
}
